summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Klishin <michael@rabbitmq.com>2014-10-20 11:21:13 +0400
committerMichael Klishin <michael@rabbitmq.com>2014-10-20 11:21:13 +0400
commitbdaad6d911c337a1b477bd423bd47001ff733508 (patch)
treebc8d59855cf0deced7cb24ccc6362e568d1166c2
parentd983db21d14b1b553347a1ec0ed519f01be1a6c4 (diff)
downloadrabbitmq-server-bdaad6d911c337a1b477bd423bd47001ff733508.tar.gz
Override ssl_options.versions in the app descriptor
-rw-r--r--ebin/rabbit_app.in3
1 files changed, 2 insertions, 1 deletions
diff --git a/ebin/rabbit_app.in b/ebin/rabbit_app.in
index 888e4dba..baebd4d8 100644
--- a/ebin/rabbit_app.in
+++ b/ebin/rabbit_app.in
@@ -16,7 +16,8 @@
{mod, {rabbit, []}},
{env, [{tcp_listeners, [5672]},
{ssl_listeners, []},
- {ssl_options, []},
+ %% Disables SSLv3 to mitigate the POODLE attack
+ {ssl_options, [{versions, ['tlsv1.2', 'tlsv1.1', tlsv1]}]},
{vm_memory_high_watermark, 0.4},
{vm_memory_high_watermark_paging_ratio, 0.5},
{disk_free_limit, 50000000}, %% 50MB